andreacavalli/xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
5,371 Commits 86 Branches 473 Tags 48 MiB
a88386ee27
Commit Graph

69 Commits

Author SHA1 Message Date
Eamon Walsh
9f56fc5806 XSELinux: Add a request to get a client's context from a resource ID. 2008-03-31 17:35:10 -04:00
Eamon Walsh
b5f98fcea2 XSELinux: Add xorg.conf option for permissive/enforcing/disabled. 
Patch by Joe Nall.

The option goes in the "extmod" subsection.
TODO: Make it easier for extension modules to handle their own options.
 2008-03-28 14:14:23 -04:00
Eamon Walsh
3bbd77ff98 XSELinux: Do a check for whether background "None" is allowed. 2008-03-20 20:03:02 -04:00
Eamon Walsh
e323bb426c XSELinux: Correctly handle some permission bits that are used more than once. 2008-03-20 19:42:09 -04:00
Eamon Walsh
d4101140f4 xselinux: Implement polyinstantiation support and related protocol. 2008-03-04 22:39:41 -05:00
Eamon Walsh
cc76ea6e3a XACE: Add generic support for property and selection polyinstantiation. 2008-02-29 18:01:37 -05:00
Eamon Walsh
34bf308a9e dix: Refactoring of selection code to allow for polyinstantiation. 
Introduces dixLookupSelection() API.
Removes NumCurrentSelections from API.
 2008-02-29 18:01:37 -05:00
Eamon Walsh
d04ea267a4 xselinux: Don't require device "read" permission for XQueryPointer. 
These keyboard and pointer state polling calls are a real problem.
 2008-02-28 21:53:16 -05:00
Eamon Walsh
3fb17a3e64 xselinux: Log messages to both libaudit and Xorg.0.log. 2008-02-28 21:52:57 -05:00
Eamon Walsh
f616735f17 xselinux: Prefix a few remaining error messages with "SELinux". 2008-02-27 22:48:29 -05:00
Eamon Walsh
e40cc5305b xselinux: Don't throw BadAccess if DixUnknownAccess is passed in to a hook. 
The avc will still appear, however, so that the callsite can be fixed.
 2008-02-27 22:48:28 -05:00
Eamon Walsh
3f0681fb0b xselinux: Stub out selection protocol requests. 2008-02-26 23:14:29 -05:00
Eamon Walsh
4632ea2258 xselinux: Rip out the selection code in advance of polyinstantiation support. 
This resolves an issue where BadWindow errors were being thrown.
 2008-02-26 22:00:52 -05:00
Eamon Walsh
e99aadbc26 xselinux: Add use to permission map for devices. 2008-02-13 20:20:49 -05:00
Eamon Walsh
31934132a4 xselinux: Use the device name in debugging output. 2008-02-07 16:32:06 -05:00
Eamon Walsh
6dcb7d732b xselinux: Split devPrivate state into subject and object records. 2008-02-07 16:00:52 -05:00
Eamon Walsh
2259b144f0 xselinux: Add getattr and setattr to the permission map for properties. 2008-02-07 14:35:02 -05:00
Eamon Walsh
5c30327275 XACE: Push the dix "structure" includes down to the security modules. 2008-02-05 21:06:05 -05:00
Eamon Walsh
bb1a577a68 XACE: Move the property access hook to its own function. 2008-02-05 20:07:08 -05:00
Eamon Walsh
46794d0c96 xselinux: Rename SelectionManager to more generic SecurityManager. 2008-01-24 19:49:13 -05:00
Eamon Walsh
6ffeecabb7 xselinux: Use a privileged bit in the state instead of passing an index 
to the permission checking function.
 2008-01-24 18:11:49 -05:00
Eamon Walsh
7ba8e97cba xselinux: Implement "get context" protocol requests. 2008-01-24 19:09:58 -05:00
Eamon Walsh
f0bf9a5231 xselinux: Whitespace fixups. 2008-01-24 19:02:35 -05:00
Eamon Walsh
3b23dd9fd4 xselinux: Fix whitespace warnings. 2007-12-28 13:29:45 -05:00
Eamon Walsh
643c52be32 xselinux: Remove "X" prefix on remaining functions and strings. 
Should be evident from the context.
 2007-12-28 13:27:28 -05:00
Eamon Walsh
f4bc333fc1 xselinux: don't FatalError on an invalid class mapping, just disable support. 2007-12-28 13:27:28 -05:00
Eamon Walsh
f3780ece52 xselinux: Implement swapped protocol request logic. 2007-12-28 13:27:28 -05:00
Eamon Walsh
1393a97ea9 xselinux: Send AVC messages to audit system instead of log file/stderr. 2007-12-20 16:23:49 -05:00
Eamon Walsh
9a7ce57363 xselinux: Add new protocol for setting device create context. 2007-12-12 20:44:59 -05:00
Eamon Walsh
5fea1ed50f registry: Remove registry code from SELinux extension. 
Moving all the names into dix/registry.c
 2007-11-20 18:39:48 -05:00
Eamon Walsh
f207e69d62 xselinux: adjust receive hook to use new synthetic_event class. 2007-11-14 12:23:29 -05:00
Eamon Walsh
45f884d79c xselinux: add new synthetic_event security class, and fix registry code. 2007-11-09 15:00:15 -05:00
Eamon Walsh
c7e18beb3c xselinux: Register SELinux extension protocol names. 2007-11-05 15:02:05 -05:00
Eamon Walsh
3b7af72fe3 xselinux: Add a SetDeviceContext request and stubs for more requests. 2007-10-26 20:32:47 -04:00
Eamon Walsh
7d14ca59c5 xselinux: Don't include the client in the receive hook audit messages. 2007-10-25 19:00:50 -04:00
Eamon Walsh
40de9fcf18 xselinux: Label the default device directly with the process context. 2007-10-25 12:35:01 -04:00
Eamon Walsh
4b05f19cb9 xselinux: Introduce a type transition when labeling events. 2007-10-24 19:59:58 -04:00
Eamon Walsh
0d2ef187e7 xselinux: Add audit message fields for selection and event names. 2007-10-24 18:23:31 -04:00
Eamon Walsh
46521f5298 xselinux: Add basic support for selection access control and redirection. 
Probably not fully baked yet.  It's difficult to test since so few apps
actually follow the ICCCM with respect to cut & paste.
 2007-10-23 20:58:48 -04:00
Eamon Walsh
660557593e xselinux: Remove synthetic bit when looking up event type. 2007-10-23 14:46:37 -04:00
Eamon Walsh
d7db549db4 xselinux: Unregister callbacks on server reset. 2007-10-23 14:08:54 -04:00
Eamon Walsh
ce7f6fe126 xselinux: properly update sizes when dynamic arrays are resized... 2007-10-19 19:40:04 -04:00
Eamon Walsh
55a96aa6b0 xselinux: add basic event labeling. 2007-10-18 14:11:11 -04:00
Eamon Walsh
e974bc1233 xselinux: add hooks for send and receive access. 2007-10-18 12:33:39 -04:00
Eamon Walsh
aa340b2c7c xselinux: add hook for device acceses. 2007-10-17 19:27:16 -04:00
Eamon Walsh
503f918f55 xselinux: Move functions around; add some more comments. 2007-10-17 19:14:15 -04:00
Eamon Walsh
baabae623b xselinux: Started reworking extension using new XACE hooks. 2007-10-17 13:54:56 -04:00
Eamon Walsh
50551ec693 xace: remove obsoleted DRAWABLE_ACCESS hook. 2007-09-28 15:04:33 -04:00
Eamon Walsh
5bee8db003 xace: drop background-none checking hook, add new hook for controlling 
access to other clients.
 2007-08-16 10:44:51 -04:00
Eamon Walsh
3c9553ac2c xace: rename hostlist security hook to "server" as this hook will be used 
for other types of server access besides just the host list.
 2007-08-15 14:14:25 -04:00